Ohio official sues e-vote vendor for sloppy counting Ohio Secretary of State Jennifer Brunner wants an electronic voting machine vendor to pay for dropping hundreds of votes in the state's March primary election. In a filing at Franklin County Common Pleas Court, Brunner seeks unspecified damages from Premier Election Solutions, formerly Diebold. She claims Premier made false …
I'm sorry, but why exactly does the server collecting voting data require anti-virus software. They know _exactly_ which machines will be connecting and _exactly_ the data that is being updated (hopefully via ssh.)
What else is the server doing that makes it open to the possibility of virus infection?
Obviously they won't be running windows on pc-like hardware cos' that's just asking for trouble...
Who wants to go and vote when the system being used may lose your vote, or change it to another candidate, or even invent votes? Thank goodness up here in canuckland we still get to put an X on a piece of paper. As it is these days, with the kind of candidates we have, it's hardly worth the bother to go and vote.
To the machine vendors: come up with a secure, accurate, easy to use machine with an audit trail before flogging your wares to the government.
To the government: stop wasting our taxpayer money on crap.
This would have been so easy. Here's my thoughts from the time when "they" first started spouting the electronic voting idea:
1. Go into a booth.
2. Do the touch screen thing to select various candidates/issues to vote against.
3. Your ballot prints out on a laser printer
4. You look at it to confirm it's right.
5. You put it into an OCR reader.
6. Ballot pops out the other side.
7. You toss it into a lockbox and go to Waffle House.
The ballot is counted electronically twice and left on paper for audit. What could be simpler? What could be cheaper?
A simple html page with a touch screen and a mysql backend
Give me a day and I can build a simple system like that that can count things easy and I will even let whoever wants to read the code.
All there is left is to make a final page where the user can validate his vote, print it then commit it. (as on a simple 8x11 sheet of paper)
Once that is done, fold sheet, put in ballot box. The voter hands in a copy he was able to validate and if a re-count is needed, you tally THAT, not what was saved on the machine.
O and why bother with memory cards? Just take the keyboard out of the locked box, start a small script that does select counts, then show the result on screen. This can be entered as the official count for THIS machine, to be tallied the good old fashion way. I think additions are not too hard for your average pool counter.
Dead tux, cause the fact that the code for the software on those machines is closed is like saying you have to vote on a paper slip with no name on it, just white circles and a blank space they can put the name in later.
I saw a Diebold cash machine in Slovakia earlier this year, I needed some cash, but I decided to wait until I found one who's ability to count wasn't in question.
I know it could have worked in my favour too, but I didn't fancy the long distance calls to my bank in the UK (okay, their call centre in India via the UK number) if it went against me!
"Obviously they won't be running windows on pc-like hardware cos' that's just asking for trouble..."
But they DO. Diebold's election systems were the shittiest, ghettoest, buggiest election systems ever. When a copy of the software leaked to researchers a few years ago, It used like some old version of SQL server, Windows -- a FULL install, even though it shouldn't need most of it. It had been shown to have a default password on every install. It literally will misrecord votes every so often. Once they are recorded, it manages to randomly miscount the votes. It was *supposed* to have the cards physically moved from voting machines into the main unit to count the votes, but for some reason, votes could also be sent to the server electronically -- again, using an insecure, hard-coded password.
Physical security? They initially used a generic bike key to hold the units shut. Take 2: They use a better lock, but they had a site where anyone could order keys -- WITH a detailed enough photo of the key on the site, that researchers were able to make a duplicate *just based on the photo*. Yes, every unit nationwide used the same key, and yes, the photo had a great view of the key cuts. Take 3: Some undisclosed electronic lock. Given the general attention to detail that's been shown in the past, probably pickable with a paper clip.
Diebold spun off the election system division because it was literally sullying the name of the entire company (too late to help though I think.)
Premier (formerly Diebold) is headquartered in Ohio, so it's no wonder it has such high market penetration in the voting machine business there.
Too bad that Premier (formerly Diebold) didn't exploit the proximity of Carnegie-Mellon just over the state line in Pennsylvancia and its well known computer experts to ensure that their systems are actually secure.
[For some funny reason, I have a nagging suspicion that marketing droids interfered with the development process at Premier (formerly Diebold).]
As a marketing droid myself, there is no question where the fault lies at Premier (formerly Diebold): engineering is clearly exceptionally incompetent, and management even worse.
Marketing would not push engineering to use old OS, insecure passwords, stupid physical security and a system architecture that a well-informed six year old child would spit on.
The marketing team at Premier (formerly Diebold) is guilty of gross dishonesty (and stupidly trying to spin things where they've taken massive black eyes), but that's more or less what they're paid to do.. they get briefed by engineering.
Now management - who have run a company that makes ATMs, and _should_ known something about bullet-proof, KISS security, should have made damn sure their engineering team had their shit together. And after the first public fiascos, should have fired the senior technical managers for incompetence instead of becoming belligerent, litigous and -- ultimately -- pushing it to arms length to drop like a hot potato when no-one is watching.
More to the point, why is the board of directors of Diebold, owner of Premier (formerly Diebold), not cracking the whip for managament decisions that have fundemantally and permanently eroded the credibility and reputation of the company?
PS - the model of choose a candidate, print it, check it, stick in an OCR machine to register it, and then spit it into a lockbox sounds emminently sensible - it splits the "registering" part (which can be permanently locked down -- Candidate 1: x votes; Candidate 2: Y votes; Candidate 3: Z votes) from the "candidate name" part (which has to change every single election). And you have a guaranteed chad-free paper audit trail.
I have used the Diebold machines. The ballot is an 8.5x11 piece of paper with bubbles to fill in with a #2 pencil just like the SATs. You feed it into a scanner that reads it, and if you haven't voted on all the topics/people or if you voted too many times it tells you and gives it back for correction. Once you hit "Accept" it reads and stores the votes and then deposits the paper ballot into a locked metal box built under the scanner. End of the day, take all the scanners back to base and plug 'em in, it prints the results. If there is a close one or a dispute, there are paper balltos still locked up to be counted by hand. Not too bad IMHO
However the computer system itself works, the paper printout is the key to the final result. Be it on a full or partial sheet of paper, the printout should contain the following:
1) The machine-readable portion of the ballot, encoded cleartext in a public-domain format such as PDF417 or DataMatrix. This machine-readable portion should ONLY contain the codes for the votes cast on the ballot. This would allow for a separate machine to read the code if necessary and allow a person to verify the machine part against the following human-readable part.
2) The human-readable portion of the ballot, printed in clear legible text literate people with reasonable vision can easily read. For each line, there is both the code and the name(s)/decision(s) of the ballot/proposition in question.
Here in Montana, one of the few States that allow it, one can apply for PERMANENT absentee ballot status.
The County Clerk & Recorder mails you a ballot, which you can peruse at your leisure then mark your selections and mail it back (or drop off at the County Court House).
And you do NOT have to be an invalid to avail yourself of this system.
"The ballot is counted electronically twice and left on paper for audit. What could be simpler? What could be cheaper?"
How about just counting the paper ballots by hand?
Every candidate sends an unpaid volunteer to help them do the count. The adversarial relationship between counting personnel already ensures that the only way to reach agreement between all parties, is to tell the truth.
``I saw a Diebold cash machine in Slovakia earlier this year, I needed some cash, but I decided to wait until I found one who's ability to count wasn't in question."
Brilliant!
You should have withdrawn a large sum. No bank could possibly contend that Diebold can cound money correctly.
Completely agree. Make selection, get recipt, accept, re-insert recipt to have it OCRed, accept OCRed version as accurate. User presses 4 buttons (pretty simple), hardware costs a couple of hundred quid a time (pretty cheap!) and can run on a seriously cut down version of Linux or XPe.
Any networky stuff should be secure by virtue of using only secure, encrypted comms and only then between recognised mac addresses- with a few extra layers of hardware-checking done after finding the correct mac address to make it even less likely that it'll be cracked.
Physical security handled by having the machine pressurised with mustard gas- crack it open when it's not supposed to be and you die a painful death, you treacherous swine you.
Et voila- it's as secure as can be, simple to use and the user can check for problems.
Good to see Premier (formerly diebold) being sued for their screw-up. Let's hope it doesn't happen over here!
@ Matt Caldwell
I haven't seen an electronic voting machine that gives a paper copy. Even though South Carolina is the most backwards place I've had the pleasure of living, we aren't the only ones using touch screens with no method to recount. It would be nice if there was a paper trail, but then, both candidates are so similar, that I'm guessing it really isn't going to matter.
The government (and by extension... we citizens) is responsible for this mess, as they've signed a contract that allows the software to remain proprietary and removed from public scrutiny.
If you refer to Scott Granneman's excellent article back in late 2003...
http://www.theregister.co.uk/2003/11/18/electronic_voting_debacle/
and a report from the Cleveland Plain Dealer in August 2003...
http://www.commondreams.org/headlines03/0828-08.htm
...you'll observe the close link between a certain political party and the voting machine vendor in question. You clearly have stoopid technology that's being foisted on people by a political system that has lost all respect for its lifeblood.
Shameful that it should occur, and doubly shameful that the electorate stands for it. It shouldn't matter what political stripe you happen to be -- this is appalling behavior. It differs from developing-world thuggery only in the absence of goons with guns; the level of moral corruption is the same.
Three cheers for Jennifer Brunner!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
